Most frustratingly, after the 3rd try, when I rebooted all I got was the blinking underscore of GRUB doom.

I'll try and redo it again, and see if GRUB is the issue.
Thanks for the well done howto.

UPDATE
After substantially more messing around with GRUB (finally got it to install) and figuring out how to re-active the volumes after reboot (using the "lvchange -a y" command). NOW when I restart the computer and select the OS in GRUB it tries to load the information from crypttab and fstab and says something along the lines of the volume group "volumes" not existing. As much as I want this to work, after 10+ hours I give up

I loved this approach, and it works well for me (so far). I will list what I did, with some comments where it diverts:

[After booting up the Installer, in console/terminal:]
sudo -i ## I am used to this instead of sudo -s because it will read resource files
apt-get install cryptsetup lvm2 squashfs-tools
[boot partition for a /dev/sdXY of around 100 MB and an encrypted lvm on /dev/sdXZ of (much) over 25 GB]

badblocks -c 10240 -s -w -t random -v /dev/sdXZ ## this is apparently much faster than using urandom, but pseudo-random; another plus: it checks for bad blocks
cryptsetup luksFormat -c aes -s 128 /dev/sdXZ ## recently it was shown that 128bit AES is more robust against some attacks than 192/256bit
cryptsetup luksOpen /dev/sdXZ crypt ## 'crypt' being a chosen name
vgcreate secret /dev/mapper/crypt ## 'secret' being a chosen name
lvcreate -C y -L 2100M -n swap secret ## 'swap' being a chosen name; -C y ensures the swap is contiguous, which is important for performance
lvcreate -L 20G -n linux secret ## 'linux' being a chosen name
lvcreate -l 100%FREE -n home secret ## 'home' being a chosen name; -l 100%FREE uses up the rest of the space
mkswap -f -L swap /dev/mapper/secret-swap ## 'swap' again being a chosen name; -f ensures that all the available space is used
mkfs.ext4 -L linux /dev/mapper/secret-linux ## 'linux'' again being a chosen name
mkfs.ext4 -L home -m 0 /dev/mapper/secret-home ## 'home' again being a chosen name; -m 0 means no reserved blocks for root
mkfs.ext2 -L boot /dev/sdXY ## 'boot' being a chosen name

apt-get purge ^live-* ## Including ^ means the name has to start with live-
apt-get update
apt-get install cryptsetup lvm2
update-grub ## this is how I always update the grub.cfg
grub-install /dev/sdX ## and install it

deluser --remove-home mint
adduser USER ## instead of USER choose username
addgroup USER sudo ## instead of USER choose username
passwd -l root
sed -i "s/mint/USER/" /etc/gdm3/daemon.conf ## instead of USER choose username; this will autologin, like the live installer
echo "HOSTNAME" >/etc/hostname ## it would be nice to also set the time(zone), but can do this in the new install

umount /dev/pts
umount /proc
umount /sys
exit

umount /mnt/dev
umount /mnt/boot
umount /mnt
sync
reboot

[In the new install, set the right time(zone), and use the Mint-debian-updater to get up to date]

Great how-to, but it took four tries to make it work on my new Thinkpad X220 with WIndows 7 already installed. It turned out that the one thing I had to do was to replace the command "dpkg-reconfigure grub-pc" with "grub-install". Perhaps this is a Grub 2 change?

and then it wouldn't umount the /proc or /dev fs regardless of how many times you use --force or kill the processes keeping them active. I just rebooted which worked (I'm using LMDE with lvm right now as I'm writing this) after exiting the chroot environment.

This was mentioned, but don't forget to update your timezone. You could do this in the chroot with

Thanks for providing this tutorial. It eventually worked for me, with some minor alterations:

1. Downloaded LMDE 12 Mate/Cinnamon 201204 64 bit release
2. Created live USB stick (on my old Linux machine)
3. Instead of installing directly onto disk, I installed the LMDE as a VM in Virtualbox - see this link http://www.netzgewitter.com/2011/09/how ... ard-drive/
4. So far so good. Here is the important stuff:

a. After the install on disk/LVM, Synaptic would exit with segmentation fault. Issuing

apt-get clean

fixed the issue.

b. dpkg-reconfigure grub-pc didn't work and messed up the install. I used the following method mentioned in this thread:

update-grub ## this is how I always update the grub.cfg
grub-install /dev/sdX ## and install it

c. /etc/gdm3/daemon.conf is not available on my install - seems like Mate isn't using this. By following the procedure mentioned under 3. I got a completely installed system with my account settings, as well as all the locale stuff, time/date etc. There is no need to edit the /gdm3/daemon.conf or similar file.

d. Since I was installing on a new system with plenty of RAM (32 gig), the only thing I needed was a live USB stick and a USB stick with the iso file of the distribution (for the Virtualbox install). I created a tmpfs with 10 gig in RAM and installed the VM onto the RAM tmpfs.

e. Since I use an SSD for /, /boot, and /home, I modified the fstab according to the following suggestions:

While the system booted Ok, I had some minor problems later on, for example synaptic would only start via terminal and sudo -i or -s. Could have been a sudoers issue with permissions.

I installed some other stuff (Xen and Nvidia proprietary driver) and got some complications running the Xen kernel with GUI. Following that I tried Fedora 16 and 17 - what a nightmare !!! - since my ultimate goal was to get VGA passthrough in Xen and I tried the tutorial on http://www.overclock.net/t/1205216/guid ... al-machine which uses Fedora 16.

Now I've started over again with LMDE 12, this time directly installing onto the SSD without LVM. I then installed LVM2 and prepared some LVs for / and /home.

My intention is to copy both / and /home into the LVs (from within the LMDE live USB) and adjust the grub and fstab files to reflect the changes, then reinstall grub and hope it works.

Has anyone done that before, that is copy a root file system onto an LVM and reinstalling grub2?

In essence this would be moving a regular install onto LVM2. Any help is appreciated as I hate to go through the entire install once again.

Has anyone been able to get this to work since the 201204 iso was released? Something has changed and I don't know what. I had it working with no problems with the previous iso but continue to get errors this time. I even tried to use the older iso and get the same failures each time on several different laptops where it worked before.

@angryrooster: I don't know how far you got. One of the things that is different from this how-to is that the new LMDE doesn't use gmd3.conf but mdm instead. The entry is the same, though.

I went through numerous installations of Fedora16/17, LMDE 201204 and now LM13. I did manage to install LMDE 201204 using this how-to, but it somehow got messed up since I didn't edit the mdm file.

I'm now trying a different approach:

1. Boot with live USB (I made it UEFI bootable, but it will most likely be easier to have an MBR disk format).
2. Install LVM2 and gnome-disk-util (this can handle LVM drives as well).
3. Format the disk to gpt with EFI or MBR - I failed to make it work with UEFI, though, because grub-efi wouldn't load the kernel and hang. Could be grub bug. I am trying now ELILO as EFI bootloader.
4. Create the partitions with /boot/efi vfat32 for UEFI (if you want to give it a try), /boot ext2 partition, and / and /home as LVMs in VG vol1 (or your name of choice).
5. After you created the partitions and LVs, you can run the installer. Choose the custom disk option (not the erase disk option). It will recognize the LVs (if not, exit the installer and mount them).
6. After the installation, DON'T reboot!
7. Mount all partitions under /mnt (i.e. /dev/mapper/vol1-root under /mnt, /dev/sda2 as /boot (sda2 is my ext2 /boot partition), /dev/sda1 (my EFI vfat partition) under /boot/efi, and /dev/mapper/vol1-home under /mnt/home. You will need to mkdir /mnt/home /mnt/boot /mnt/boot/efi.
8. See the above instructions (in another post) on how to mount and chroot to /mnt.
9. Follow the above how-to instructions for encryption, LVM and grub. Don't forget to install LVM2 again - this time it should install on your hard drive.
10. Don't use the steps for deleting the mint user.
11. Finally, check the /boot/grub/grub.cfg (or .conf file) and see if it looks OK. Pay particular attention to the UUIDs. Mine got screwed up at the first UUID reference were it used a UUID I couldn't locate. Use blkid to see your UUID mappings.
12. Since I was trying to get UEFI work with grub, my installation failed at booting the kernel. I CAN'T VOUCH THAT THIS WILL WORK !!!

What I did get:

- All system files were installed and the user created with his/her home directory. / and /home is on LVM.
- A recognizable UEFI partition that my motherboard (Asus Sabertooth X79) accesses during boot.
- I get an efidisk: read error when booting - this may be a grub issue with UEFI. I will try ELILO as bootloader to see if this works. If not, I'll have to do it all over again and use MBR or GPT-BIOS instead of UEFI.

Let me know if anyone tried my approach, or if the approach cannot work for one reason or another. I don't really see why it shouldn't work, and the advantage is that it creates the user and everything should be ready and in place.

1986 wrote:how can I do unencrypted boot on USB, and full encrypted HDD then? because I wanna boot system from USB

Have a look at the application "cryptkeeper". It's a tray applet that allows you to create and access encrypted folders. These folders are then hidden and can only be accessed via the cryptkeeper applet using a password.

I mostly followed the above instructions to install LMDE 201303 onto an encrypted disk, but without LVM.

I was successful installing onto a hard drive at /dev/sda, but when I tried to install onto an encrypted USB drive or SD card, the boot would fail.

The reason for the failure is that the device location of USB drives and SD cards can change from system to system and boot to boot. (Actually, the location of hard drives can change as well, but that may happen less frequently.)

Anyway, to fix the problem, I rewrote /etc/crypttab to use UUID's rather than device paths. After doing that (and rebuilding initramfs and rerunning grub), my USB drives and SD cards would boot and successfully mount the encrypted root partition.